librepo: missing path validation in repomd.xml may lead to directory traversal

A flaw was found in librepo. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This fl...

Cisco SD-WAN vManage Elevation of Privilege Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An elevation of privilege vulnerability exists in the System File Transfer feature of Cisco SD-WAN vManage. The vulnerability stems from improper validation of the path input to the System...

PT-2020-4644 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software affected versions not specified Description: A vulnerability in the system file transfer functions could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The...

CVE-2020-24046

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating...

librepo: missing path validation in repomd.xml may lead to directory traversal

A flaw was found in librepo. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This fl...

Ingenico Telium 2 POS File Read Bypass Vulnerability

Ingenico Telium 2 POS is a cash register system. A file read bypass vulnerability exists in Ingenico Telium 2 POS NTPT3, which can be exploited by a remote attacker to submit a special request to read the contents of a system file in the application context...

Malicious Package

fallguys is a malicious package. Malicious code within the library attempts to read local system files and exfiltrate information through a Discord webhook. The code attempts to access various files on Windows systems such as...

PT-2020-3685 · Microsoft · Windows Appx Deployment Extensions +1

Name of the Vulnerable Software and Affected Versions: Windows AppX Deployment Extensions affected versions not specified Description: The issue is related to improper privilege management in the Windows AppX Deployment Extensions, allowing an authenticated attacker to elevate privileges by runni...

CVE-2020-15419

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.75020200415. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReporterImportLicense class. Due to the improper restriction of...

The vulnerability of the Secdo security incident investigation software arises from incorrect default access settings, which allow attackers to elevate their privileges and re-write system files.

The vulnerability of the Secdo security incident investigation software is related to incorrect default access settings for the folder C:\Programdata\Secdo\Logs. Exploiting this vulnerability allows an attacker to increase their privileges and overwrite system files...

CVE-2020-3796

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability. Successful exploitation could lead to system file structure disclosure...

Improper access control

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability. Successful exploitation could lead to system file structure disclosure...

CVE-2020-3796

CVE-2020-3796 affects Adobe ColdFusion 2016 and ColdFusion 2018. The root cause is improper access control that could allow an attacker to disclose the underlying system file structure. Affected products include ColdFusion 2016 before update 15 and ColdFusion 2018 before update 9 (per APSB20-18 a...

CVE-2020-5962

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

CVE-2020-5962

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

Design/Logic Flaw

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

CVE-2020-5962

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

Micro Star Dragon Center Security Vulnerability

Micro Star Dragon Center is an application for management control of MSI components, desktop systems, and peripherals from Micro Star Technology Micro Star of Taiwan, China. A security vulnerability exists in the "C:\%PROGRAMDATA\%MSIDragon Center" folder of Micro Star Dragon Center version...

Directory traversal

Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary...

Ansible: archive traversal vulnerability in ansible-galaxy collection install

An archive traversal flaw was found in Ansible Engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system...